Take it seriously, but be pragmatic Cryptography The Art and Science of Secret Communication Digital Signature Mathematical scheme for demonstrating the authenticity of a digital message or document Access Control The ability to selectively control who has access to given information or systems Confidentiality Confidentiality ensures information is not available to unauthorized recipients Authentication A method of determining if a person is who they say they are Encryption Encoding information so that it cannot be read by anyone without access to the key N53 Information Assurance Impacts Personal Financial Reputation Strategic Security Tools Security Concepts Disk EncryptionAccess ControlFirewallVPNsAuditAnti-VirusIntrusion Protection Physical Crime has never been stopped, why would electronic crime be any different? Done right, Cybersecurity is a high value, high margin growth business with high barriers to entry Individuals Businesses Network Attacks Hacking IP Spoofing Denial of Service Ping of Death Malware Eavesdropping DNS Poisoning Do you know what was in that cool little photoblogging app you installed Tuesday? It was a Trojan. Where will it send your data today? Malware Social Engineering 10% are lying... It's more than casual It can be professional Corporate and national espionage takes the path of least resistance. Serious opponents will find a way to get you to give them what they want You won't even know it happened Social media provides a wealth of information that can be used against you... Mobile Phones Consider how much important information you carry on your phone iPhones, Blackberries, other smartphones It may be everything that is important email contacts passwords schedule contracts business plans revenue forecast personal issues It can all be easily stolen from your phone Veterans administrationTD AmeritradeFidelityVisaTJ MaxxChoicepoint National Interests DiplomaticCommunicationsCritical InfrastructureBanking SystemLegislative, Judicial & ExecutiveMilitary & Intelligence Lasting Effects EmploymentFinancialSafetyHealth Yes. Is all hope lost? No What should I do? N53Information Assurance Cyber SecurityAwareness Training Government Has it happened to you? 90% admit to looking at others displays Cyber risk is of great concern to global enterprises. 42 percent rank it their top concern, more than natural disasters, terrorism and traditional crime. Protect your screen too! Your security spending is wasted if anyone can just look over your shoulder Consider how much important information you carry on your phone One of the more common methods of spreading malware on the Internet is through social engineering. Most malicious activity is often successful because users are deceived into believing it is legitimate. Exploitation by social engineering is extremely lucrative and is bound to significantly increase in the mobile market... Types of Social Engineering:

PHISHINGVISHINGSMISHING A criminal act of attempting to manipulate a victim into providing sensitive information by masquerading as a trustworthy entity.

This is a well established, significant cyber threat, and mobile devices provide unique opportunities for phishing. Leverages voice communications primarily. This technique can be combined with other forms of social engineering that entice a victim to call a certain number and divulge sensitive information. Vishing exploits the public's trust in telephone services.

With vishing, fraudsters call multiple phone numbers at once, hoping for unsuspecting victims to pick up the phone. Upon answering, a recorded message instructs you to call in response to fraudulent activity within a bank or credit card account. Once you call in, you’re instructed to enter sensitive numbers on the keypad. Smishing – phishing in the form of a text message to your mobile phone. (The term “smishing” comes from the idea of SMS phishing.) In this form of phishing fraud, you receive a text message directing you to call or visit a website to confirm or enter personal info. Social Networks for Dummies... Enabling Objectives: Discuss who needs Cyber SecurityTypes of Network threatsCyber Security impactsDemystification of Cyber Security Today, someone in Uzbekistan owns your Personal Information